Hacking

Pierluigi Paganini September 09, 2019
Wikipedia suffered intermittent outages as a result of a malicious attack

The popular free online encyclopedia Wikipedia was not reachable following what it has described as a “malicious attack”. Popular online reference website Wikipedia went down in several countries after the server of the Wikimedia Foundation that host it were hit by a “massive” Distributed Denial of Service (DDoS) attack. The news of intermittent outages was […]

Pierluigi Paganini September 09, 2019
China-linked APT3 was able to modify stolen NSA cyberweapons

China-linked APT3 stole cyberweapons from the NSA and reverse engineered them to create its arsenal. In 2010, security firm FireEye identified the Pirpi Remote Access Trojan (RAT) which exploited a then 0-day vulnerability in Internet Explorer versions 6, 7 and 8. FireEye named the threat group APT3 which has also been described as TG-0100, Buckeye, […]

Pierluigi Paganini September 09, 2019
Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

Ministry of Internal Affairs announced that Belarusian police have seized and shutdown XakFor, one of the largest hacking forums on the internet. Belarusian police have seized the servers of XakFor (xakfor[.]net), a popular hacking forum a place frequented by hackers, malware authors, scammers and cybercriminals. The news was first reported by the Belarusian news outlet […]

Pierluigi Paganini September 08, 2019
Experts found Joker Spyware in 24 apps in the Google Play store

Security experts at Google have removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” Google has removed from Google Play 24 apps because they were infected with a new spyware tracked as “the Joker.” The spyware is able to steal SMS messages, contact lists and device […]

Pierluigi Paganini September 07, 2019
Experts add a BlueKeep exploit module to MetaSploit

Maintainers of the open-source Metasploit penetration testing framework have added a public exploit module for the BlueKeep Windows flaw. There is a surprise for Metasploit users, maintainers of the open-source penetration testing framework have added a public exploit module for the BlueKeep Windows flaw. The BlueKeep vulnerability, tracked as CVE-2019-0708, impacts the Windows Remote Desktop Services (RDS) and was addressed by Microsoft […]

Pierluigi Paganini September 07, 2019
Thousands of servers infected with the Lilocked Ransomware

A new ransomware tracked as Lilocked (or Lilu) by researchers is actively targeting servers and encrypting the data stored on them. The Lilocked ransomware has already infected thousands of Linux-based web servers since mid-July. The Lilocked ransomware was first reported at the end of July by the popular malware researcher Michael Gillespie after a sample has been  uploaded […]

Pierluigi Paganini September 06, 2019
PHP new versions fix multiple code execution issues

Maintainers at the PHP programming language have released new versions that address multiple flaws, including some code execution issues. The development team behind the PHP programming language recently released new versions of PHP to address multiple high-severity vulnerabilities in its core and bundled libraries. The most severe flaw could be exploited by a remote attacker […]

Pierluigi Paganini September 06, 2019
Over 600k GPS trackers left exposed online with a default password of ‘123456’

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” Researchers from Avast discovered at least 600,000 GPS trackers that were exposed online with a default password of “123456.” The […]

Pierluigi Paganini September 05, 2019
Zero-day vulnerability in Android OS yet to be patched

Maintainers of the Android Open Source Project (AOSP) failed to address a privilege escalation bug in the Android mobile OS that was reported six months ago. Experts disclosed details of a zero-day vulnerability that affects the Android mobile operating system. The high-severity zero-day issue resides in the driver for the Video For Linux 2 (V4L2) […]

Pierluigi Paganini September 05, 2019
Year-Old Samba flaw allows escaping from the share path definition

Experts discovered a year-old flaw in Samba software that could be exploited to bypass file-sharing permissions and access forbidden root shares paths. Security researchers discovered a year-old vulnerability in Samba software that could be exploited, under certain conditions, to bypass file-sharing permissions and access forbidden root shares paths. “On a Samba SMB server for all […]